Security update for docker

This update for docker fixes the following issues: Update to docker-buildx v0.28.0. See upstream changelog: Update to Docker 28.4.0-ce. See upstream changelog: Update warnings and errors related to "docker buildx ..." so that they reference our openSUSE docker-buildx packages. Enable building...

SUSE-SU-2025:20743-1 Security update for docker

This update for docker fixes the following issues: Update to docker-buildx v0.28.0. See upstream changelog: Update to Docker 28.4.0-ce. See upstream changelog: - Update warnings and errors related to "docker buildx ..." so that they reference our openSUSE docker-buildx packages. - Enable building...

[SECURITY] Fedora 43 Update: podman-5.6.1-1.fc43

podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...

[SECURITY] Fedora 42 Update: podman-5.6.1-1.fc42

podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...

Linux Distros Unpatched Vulnerability : CVE-2020-8907

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role roles/compute.osLogi...

New Docker Malware Strain Spotted Blocking Rivals on Exposed APIs

Akamai finds new Docker malware blocking rivals on exposed APIs, replacing cryptominers with tools that hint at early botnet development...

TOR-Based Cryptojacking Attack Expands Through Misconfigured Docker APIs

Cybersecurity researchers have discovered a variant of a recently disclosed campaign that abuses the TOR network for cryptojacking attacks targeting exposed Docker APIs. Akamai, which discovered the latest activity last month, said it's designed to block other actors from accessing the Docker API...

[SECURITY] Fedora 41 Update: podman-5.6.1-1.fc41

podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...

Off Your Docker: Exposed APIs Are Targeted in New Malware Strain

...

vulhub

This is a pre-built vulnerable environment based on Docker-Compose, provided by the Vulhub project. The repository contains a collection of vulnerable applications and services, along with their corresponding Dockerfiles and configuration files. The vulnerable environments are designed to help...

Exploit for Deserialization of Untrusted Data in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

log4j-shell-poc A Proof-Of-Concept for the recently found CVE-2021-44228 vulnerability. Recently there was a new vulnerability in log4j, a java logging library that is very widely used in the likes of elasticsearch, minecraft and numerous others. In this repository we have made and example...

MaraDNS

MaraDNS is an open-source DNS server. It is a small, lightweight, and highly customizable DNS server that can be used as an authoritative or recursive nameserver. MaraDNS is written in C and is designed to be easy to configure and use. The repository contains a variety of files, including a READM...

MaraDNS_1

This is a repository for MaraDNS, a small open-source DNS server. The repository contains various files and scripts for building and testing MaraDNS, including a Dockerfile for creating a Docker image to test installing MaraDNS on a fresh Ubuntu 22.04 virtual machine. The repository includes a...

Exploit for Expression Language Injection in Atlassian Confluence_Data_Center

This repository is a collection of proof-of-concept PoC exploits from Datadog Security Labs. The exploits are designed to demonstrate vulnerabilities in various software products, including Confluence, OpenSSL, and Spring. The repository contains code and instructions for running the exploits, as...

kubei

Kubei is a flexible Kubernetes runtime scanner that scans worker nodes and Kubernetes nodes' images, providing accurate vulnerability assessments. It is a vulnerability scanner and CIS Docker scanner. The repository contains various files, including .dockerignore, .families.yaml,...

La MaraDNS

MaraDNS is a small open-source DNS server. It is an authoritative DNS server that handles recursion using the included "Deadwood" program. The MaraDNS repository contains various files, including a README, CHANGELOG, and Dockerfile, which provide information on how to compile and run MaraDNS, as...

Exploit for CVE-2025-57833

Django SQL Injection Test Environment CVE-2025-57833 This i...

Exploit for SQL Injection in Sangoma Freepbx

Work in Progress FreePBX CVE-2025-57819 Lab - Unauth SQLi →...

Exploit for Unrestricted Upload of File with Dangerous Type in Codedropz Drag_And_Drop_Multiple_File_Upload_-_Contact_Form_7

CVE-2025-3515 WordPress Lab Drag and Drop Multiple File Uploa...

CVE-2025-55473

CVE-2025-55473 affects Asian Arts Talents Foundation (AATF) Website v5.1.x and its Docker image 2024.12.8.1. The vulnerability is a Cross-Site Scripting (XSS) in the /ip.php endpoint, where the X-Forwarded-For HTTP header is parsed and displayed without proper sanitization or output encoding. Thi...